Hardware Backdooring is practical
Jonathan Brossard (Toucan System)
14/11/2012
Slides
DISCLAIMER
We are not « terrorists ». We won't release our PoC backdoor.
The x86 architecture is plagued by legacy. Governments know. The rest of the industry : not so much.
There is a need to discuss the problems in order to find solutions...
This is belived to be order of magnitudes better over existing backdoors/malware
Agenda
Motivation : state level backdooring ?
Coreboot & x86 architecture
State of the art in rootkitting, romkitting
Introducing Rakshasa
Rakshasa design
Why cryptography (Truecrypt/Bitlocker/TPM) won't save us...
Backdooring like a nation state
Who am I ?
-Security researcher, pentester
-First learned asm (~15 years ago)
-Presented at Blackhat/Defcon/CCC/HITB...
-Master in Engineering, master in Computer Sciences
-Co organiser of the NoSuchCon Conference (Paris)
Likes : Unix, network, architecture, low level, finding 0days (mem corruptions).
Dislikes : web apps, canned exploits.
-Super pure English accent (French, learned English in India, lives in Australia... ;))
FUD 101
Could a state (eg : China) backdoor
all new computers on earth ?
More introductory material
Enough FUD...
A bit of x86 architecture
State of the art, previous work
Previous work
Early 80s : Brain virus, targets the MBR
80s, 90s : thousands of such viruses
2007, John Heasman (NGS Software) Blackhat US: backdoor EFI bootloader
2009, Anibal Saco and Alfredo Ortega (Core security), CanSecWest : patch/flash a
2009, Kleissner, Blackhat US : Stoned bootkit. Bootkit Windows, Truecrypt. Load arbitrary unsigned kernel module.
2010, Kumar and Kumar (HITB Malaysia) : vbootkit bootkitting of Windows 7.
Piotr Bania, Konboot : bootkit any Windows (32/64b)
2012 : Snare (Blackhat 2012) : UEFI rootkitting
Introducing Rakshasa
Goals : create the perfect backdoor
Persistant
Stealth (0 hostile code on the machine)
Portable (OS independant)
Remote access, remote updates
State level quality : plausible deniability, non attribution
Cross network perimeters (firewalls, auth proxy)
Redundancy
Non detectable by AV (goes without saying...)
Main idea (1/3)
Typical Corporate
Network
Main idea (2/3)
How things are
supposed to work
Main idea (3/3)
What is really going to happen
Rakshasa : Design (1/2)
Core components :
-Coreboot
-SeaBios
-iPXE
-payloads
Built on top of free software : portability, non attribution, cheap dev (~4 weeks of work), really really really hard to detect as malicious.
Supports 230 motherboards.
Rakshasa : Design (2/2)
Flash the BIOS (Coreboot + PCI roms such as iPXE)
Flash the network card or any other PCI device (redundancy)
Boot a payload over the network (bootkit over https)
→Boot a payload over wifi/wimax (breach the network perimeter, bypasses network detection, I(P|D)S )
→Remotely reflash the BIOS/network card if necessary
Rakshasa architecture (1/2)